jinks/Flipper-Zero-BadUSB
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update README.md

Browse source
This commit is contained in:
I-Am-Jakoby 2022-12-17 21:07:55 -06:00 committed by GitHub
parent d881b6ce79
commit b54865fedf
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 22 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
Payloads/Flip-ADV-Recon/README.md
View file

@ -19,12 +19,28 @@ A script used to do an advanced level of Recon on the targets computer
## Description ## Description
This program enumerates a target PC to include Operating System, RAM Capacity, Public IP, and Email associated with microsoft account. This program enumerates a target PC to collect as much recon data as possible for future engagements This includes:
The GeoLocation (latitude and longitude) of where the script was ran.
The SSID and WiFi password of any current or previously connected to networks. * Hosts Powershell Version (to know what commands can be run)
It determines the last day they changed thier password and how many days ago. * Name Associated with their Microsoft Account (Or ENV UserName variable if one is not detected)
Intel on the system Info, HDDs, network interfaces, TCP connections, Processes, Services, Installed software, drivers, and video card * Whether they are in the Admin group or not
Along with TREE list of all files in the target computer is gathered and uploaded to your DropBox cloud storage * The email associated with their Microsoft Account (for phishing possibilities)
* Other User accounts on their system (for possible privledge escalation)
* Details on their login settings (Ex: Min/Max password age and length)
* How many days since they have changed their password (Max password age - Days since = Opportunity)
* Their GeoLocation (know their approximate where abouts)
* Nearby Wifi Networks (Possible lateral movement)
* Network Info (Local and Public IP Address; MAC Address; RDP Enabled?)
* WLAN Profiles (List of SSIDs and Passwords stored on their PC)
* Network Interfaces (What are they connecting in and out with)
* System Information (Manufacturer, Model, Serial Number, OS, CPU, RAM, Mainboard BIOS)
* Local Users (Accounts on system with Username, name associated with microsoft account and SID)
* Information on their HardDrives (Indicator of Recon Scope)
* COM and Serial Devices (Is there a device connected you can manipulate?)
* Active TCP Connections (Poor mans Port Scanning)
* Processes, Services, Software, and Drivers (What is running on the computer we can exploit?)
* Video Card info (how much vroom vroom?)
* Tree Command (Gain a more accurate assessment of what to exfil or use in Phishing attacks)
## Getting Started ## Getting Started